October 21, 2015

2-of-2 Multisig

One of the criticisms for our first products was the fact that our coins weren’t trustless. The private key is created by us, therefore the customer needs to trust us. If the plan is to store a large amounts of bitcoins in our coins, one doesn’t necessarily want to take any chances. Therefore we wanted to add an option for a trustless Denarium coin.

Denarium Multisig uses 2-of-2 multi-signature model where customer provides his/her own public key which is combined with the key in Denarium coin to create P2SH bitcoin address. That is a bitcoin address starting with letter 3. That second-factor private key can be generated in any way; you can use any wallet software, paper wallet, or deterministic wallet as long as you are able to export a single public key from it.

When you order Denarium Multisig coin you receive unique P2SH address for each coin in that order. In most cases you would use the same two-factor key for every coin you have. It is also possible to order different keys in the same shipment; just add the product to cart multiple times. When you activate the coin, the coin is loaded like an ordinary Denarium coin. Also, by sending bitcoins to the provided P2SH address it is possible load any bitcoin amount to the coin at later time.

To spend the bitcoins in the coin the customer must have access his own private key and the private key hidden in the coin. It needs some manual work currently but in future handling of multisig coins will certainly become much easier. If you need help with multisig spending, send us an email to [email protected].

All second-factor public keys are published at Denarium database. That makes spending the coin value easier; you don’t need to store the multisig script yourself. Just keep your Denarium coin and the second-factor private key safe. Needless to say, but we can’t help if you lose your keys.

How to extract public key from various wallets

We have compiled instructions for some popular wallets about how to extract public key for your second-factor address. Please note that extended public keys (BIP 0032) used by so-called HD wallets are not directly compatible but there are tools for extracting a public key of given address in an HD wallet.

Bitaddress.org:

Bitaddress is not a wallet but a popular tool for creating paper wallets. Please be advised that you should do all private key handling offline.

  1. Generate a new private key, if needed
  2. Go to Wallet details
  3. Paste private key and click View details
  4. Collect public key.

Both compressed and uncompressed formats are OK as long as you store the corresponding private key. If you have a choice, pick compressed format.

Electrum:

$ electrum getpubkeys 1DjXKF6FRrc79JgLmCXraYukm4y4XPmzF4
{
    "address": "1DjXKF6FRrc79JgLmCXraYukm4y4XPmzF4",
    "pubkeys": [
        "04a00615120e73534c36eb78db4f7ea3ee72e9bd2e93c95245abfda3fc60f1ecc185a7fd9713518097a75ee6b77740740123b2626bb2e91074ca0b876c75a6abba"
    ]
}

Public key is emboldened. If you want to generate new bitcoin address, just create one before running getpubkeys.

Bitcoin Core and Classic:

$ validateaddress 15uxSLE66YZEwti9Jw1L7RKJ2w5B6mLUTr
{
    “account”: “”,
    “address': “15uxSLE66YZEwti9Jw1L7RKJ2w5B6mLUTr”,
    “iscompressed': true,
    “ismine': true,
    “isscript': false,
    “isvalid': true,
    “iswatchonly': false,
    “pubkey': “0267d5f60d94a6bbe9860ac989dc1cc6f5933313aa6a85ea4a22ec1a7a2452beef”,
    “scriptPubKey”: “76a91435e468cf810e1899c9e43e7e9e24bd02a4a5faf788ac”
}

Public key is emboldened. If you want to generate new bitcoin address, use getnewaddress before validateaddress.

Other wallets:

Our instructions are not comprehensive but we are happy to add instructions for your wallet.

If you can’t find a method for extracting the public key but you are able to extract private key, it is possible to use bitaddress.org to extract public key. Please be advised that you should do it offline.